NSA and DHS cybersecurity endorsement for Estrella Mountain Community College

Nationally, the reality of cyber protection of privacy and assets is constant, and that’s no different in Arizona. Cyber-attacks impact multitudes of individuals, private enterprises and government institutions each day. Estrella Mountain Community College (EMCC), responding to local and national needs, developed a robust cybersecurity program to put more boots on the ground for this critical industry.

“Both the public and private sectors are caught off guard with the perpetually evolving speed, sophistication, innovation and tenacity of cyber-attacks,” said Tom Polliard, Occupational Program Director for EMCC’s Cybersecurity program. “These attacks lead to a loss of or compromise of assets and/or privacy. At EMCC, we recognize the IT workforce needs people with the specialized skillsets necessary to combat this threat.”

Estrella’s Information Technology and Power Systems Security program was developed by working with a number of public and private industry partners to ensure the program is teaching the skills necessary to contribute to the IT Security workforce. The first semester the program was offered was in the fall of 2015.

EMCC not only offers a program built on the credibility of its rigor, but the college has recently received the coveted National Center of Academic Excellence designation. The National Security Agency (NSA) and Department of Homeland Security (DHS) determined Estrella Mountain Community College met rigorous criteria needed to ensure students are receiving the necessary training required to help protect the nation’s infrastructure.

“It is important for students to know that outside institutions have examined EMCC’s program and verified the program is providing students the knowledge and skills required to be a productive member of the cybersecurity workforce,” Polliard said. “The employment outlook is very good. There are a number of online reports suggesting a near-zero unemployment rate in cybersecurity.”

Students enrolled in the IT and Power Systems Security program EMCC receive a lot of hands-on training meant to provide students with the opportunity to put into practice concepts learned in the classroom. EMCC is continuously refining and implementing hand-on activities such that students can hone their critical thinking skills and experience working in a team environment.

“We’ve instituted a challenging event called, “Router Wars” (though it involves more than just routers) where students are placed into teams and are tasked with building a network to exact specifications,” Polliard explained. “After building the network, the instructor verifies the specifications have been met and then invites another team to hack into the network and do some damage.”

Estrella Mountain Community College (EMCC), responding to local and national needs, developed a robust cybersecurity program to put more boots on the ground for this critical industry.(Photo: EMCC)

After the students hack their counterparts’ network, the original team must find and fix what their opponent did within a certain amount of time. To make the exercise relevant to the workforce, defending and attacking teams must document everything they do. After the activity is done, students and faculty hold a “post mortem” (a.k.a. lessons learned) to discuss what went well, what didn’t go well and how to improve the activity for the next round.

Cybersecurity students also wade deep into stress intrusion detection, VPN tunneling, firewall configurations, access control lists, encryption, remote access and more. EMCC is exploring implementing a cyberwarfare range on its campus as well.

“A cyberwarfare range is a place where both students and the public could come to practice their cyberwarfare skills and/or learn new skills,” Polliard said. “Participants would be able to setup environments where they would be able to test various hacking techniques and technologies. The environment could be created using hardware or in a virtualized environment. The ultimate goal of this lab space would be to educate not only students, but also the public about the dynamic world of cybersecurity.”

One thing EMCC is proud of is that the cybersecurity program is not stagnant one. EMCC continues to work with industry partners to ensure the program provides the knowledge and skillsets industry is demanding of entry-level cybersecurity workforce.

Polliard consistently asks industry professionals to examine the program and provide feedback as to what companies need from EMCC’s graduates and how the industry is changing. EMCC faculty remain in contact with former students and solicit their input as to what changes should be made to the curriculum to better serve students and the community.

This proactive reach into the industry isn’t one sided. Polliard advises students to be proactive as well, “Cybersecurity is not a career field where you can just sit back and relax after you earned the degree. Things in IT Security change frequently and students have to be willing to take the initiative and learn new things.

You may not always work from 9 to 5, Monday through Friday. Often, IT Security professional to work well into the night or on the weekend. Cyber-attacks won’t wait for you to get to work at 9 a.m.”

But you don’t have to be a computer or network expert to begin, or even have extensive experience with computers to enroll. The program is structured to teach students with no computer experience the skills necessary to work in IT Security. Students also can enter the entry-level IT workforce with EMCC’s associate degrees or certificates. You do not have to have a 4-year degree to get into cybersecurity.

The IT and Power Systems Security AAS degree consists of four specialties (Power systems, Network Security, Linux Systems Security, Microsoft Systems Security) and students pick one or more of the specialties. Program faculty or an advisor will sit down with a student to map out a semester-by-semester timeline in which to complete the program of study.

Members of the editorial and news staff of the USA Today Network were not involved in the creation of this content.